查看文章

Security vulnerabilities continue to infect web applications, allowing attackers to access sensitive data and exploiting legitimate web sites as a hosting ground for malware. Consequently, researchers have focused on various approaches to detect and prevent critical classes of security vulnerabilities in web applications, including anomaly-based and misuse-based detection mechanisms, static and dynamic server-side and client-side web application security policy enforcement. This paper present a survey on web application security aspects includes critical vulnerabilities, hacking tools and also approaches to improve web application and websites security level.